New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Weird Proxmox firewall behavior
hi Let !
I'm working on a proxmox cluster right now for testing and I have two nodes. I wanted to give proxmox firewall a chance.
I moved all my vms to one node, disabled the proxmox firewall in web interface and enabled it on the empty node. Then I enabled it on datacenter view in hope, that it would only apply rules to the one node, where firewall is enabled in firewall options.
But: after enabling the firewall on datacenter, proxmox enabled the firewall on both nodes, giving my vms a downtime.
Do you have any idea, why proxmox enabled "PVE-FW" on a node, where firewall is explicitly disabled in the web interface ? Is there any option, to test the setting on one node only without enabling the whole firewall on all nodes ?
Thanks in advance
Comments
I agree with you. That little button made me lose connection from the node today.
By defauly proxmox will block all ports. You have to add rules regarding which ports you wanna allow. First you should add rules then enable firewall, other will you can not access VMS. Even you ay lockdown yourself if you are accessing remotely.
To test you can allow your IP first and start adding rules and test from other IP.
With Proxmox you need to enable the FW on the datacentre and set the default policy to ACCEPT otherwise you may lose connection, then enable FW on your Hypervisor node and then on the VM. Ensure you don't miss the firewall tickbox on the VM's Network Card.